General

  • Target

    WaveBypasser.exe

  • Size

    53.1MB

  • Sample

    241015-1ac92sxgre

  • MD5

    adeb13ed4be55e7843db3a23ca09837a

  • SHA1

    c91d0cc7184de97a4d9221d36ec0abe1ebed0ffd

  • SHA256

    4270cf9684c5839b360fc33c9a8101e40f2f4c768a8ce55b4b0e0236a1bb7082

  • SHA512

    298cfb6d54db45019e460f13ab52f7e2b03c44c2c2f3a5c71130d64a048fc7b74f12c3c1e990295ab7182247bd819b03cd3c09e8ab26109fa0dc37ea26649a51

  • SSDEEP

    786432:fiIZWeEw7SQqMoknvNpA+vIlo0FdGgBQJbTiumfSXdZESWqEIBBwW2HK3EE:amEweQqMrlpA+Ql4pxTivfS4qrBB1UE

Malware Config

Targets

    • Target

      WaveBypasser.exe

    • Size

      53.1MB

    • MD5

      adeb13ed4be55e7843db3a23ca09837a

    • SHA1

      c91d0cc7184de97a4d9221d36ec0abe1ebed0ffd

    • SHA256

      4270cf9684c5839b360fc33c9a8101e40f2f4c768a8ce55b4b0e0236a1bb7082

    • SHA512

      298cfb6d54db45019e460f13ab52f7e2b03c44c2c2f3a5c71130d64a048fc7b74f12c3c1e990295ab7182247bd819b03cd3c09e8ab26109fa0dc37ea26649a51

    • SSDEEP

      786432:fiIZWeEw7SQqMoknvNpA+vIlo0FdGgBQJbTiumfSXdZESWqEIBBwW2HK3EE:amEweQqMrlpA+Ql4pxTivfS4qrBB1UE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      loader-o.pyc

    • Size

      63KB

    • MD5

      8de2b2c9af7704e4c2ba5a86f94a216b

    • SHA1

      ff16489804fc2708ec5091f996a3186d7caf7d74

    • SHA256

      9317d8ca4325112f32d959f94de7b5a3e9df47f4ea29cda9b6546b9129e759e0

    • SHA512

      cdb5119edecec96f95463b56720c1cb90f41d42ae331f81e302e3daccc457fe2476e73e6e1b8a16a80b97dd7e02c4a3c9900616439278e8ef35794455c2f1484

    • SSDEEP

      768:XSRsdpf+li6q7MTvZUwxbKnV5qmd49qrwcMdmgug4FCbTfqf3:XSR0f+liaTvZZs5iIrquHCbOf3

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks